package com.juzipi.demo.filter;

import com.alibaba.fastjson.JSONObject;
import com.juzipi.demo.shiro.JWTToken;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

//自定义过滤器对token进行处理
public class JWTFilter extends BasicHttpAuthenticationFilter {


    //如过带有token则对token进行检查，没有就通过
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        HttpServletResponse httpServletResponse = (HttpServletResponse)response;
        //判断请求头中是否携带token
        if (isLoginAttempt(request,response)){
            try {
                //如果携带直接 executeLogin 执行登录，检查token是否正确
                executeLogin(request,response);
                //成功就通过
                return true;
            } catch (Exception e) {
                e.printStackTrace();
            }
        }

        //防止中文乱码
        httpServletResponse.setContentType("text/json;charset=utf-8");
        //fastJson这样用的，懂了
        JSONObject jsonObject = new JSONObject();
        jsonObject.put("flag","true");
        jsonObject.put("message","没有携带token通过了过滤器");
        jsonObject.put("code","1");
        try {
            httpServletResponse.getWriter().append(jsonObject.toString());
            httpServletResponse.reset();
        } catch (IOException e) {
            e.printStackTrace();
        }
        //请求头没有携带token，可能是登录或者游客状态
        return true;

    }


    //判断用户是否想要登入
    @Override
    protected boolean isLoginAttempt(ServletRequest request, ServletResponse response) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        String token = httpServletRequest.getHeader("token");

        return StringUtils.isNotBlank(token);
    }



    //执行登陆操作
    @Override
    protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest)request;
        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
        String token = httpServletRequest.getHeader("token");

        JWTToken jwtToken = new JWTToken(token);
        //提交给Realm进行登录，如果错误它会抛出异常
        try {
            Subject subject = getSubject(request,response);
            subject.login(jwtToken);
        } catch (AuthenticationException e) {
            //防止中文乱码
            httpServletResponse.setContentType("text/json;charset=utf-8");
            JSONObject jsonObject = new JSONObject();
            jsonObject.put("flag","false");
            jsonObject.put("message","携带了token登陆失败");
            jsonObject.put("code","2");
            httpServletResponse.getWriter().append(jsonObject.toJSONString());
            httpServletResponse.reset();
            e.printStackTrace();
        }
        //没有抛出异常就登录成功，返回true
        return true;
    }


//    @Override
//    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
//        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
//        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
//
//        httpServletResponse.setHeader();
//
//
//        return super.preHandle(request, response);
//    }
}
